Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

WEBINAR:On-Demand

The U.S. Department of State shut down its unclassified network in March in an effort to shore up the security of its systems following the discovery late last year that spies had access to the network.

The brief statement on the planned outage gave few details, except that the agency would be "implementing improvements to the security of its main unclassified network." In mid-November, the State Department shut down its unclassified email system after it detected "activity of concern" on the network, reportedly the result of an attack coming from Russia.

The current planned outage came after similar activity had been detected, according to the latest statement. The agency has been working with security providers to clean up its systems and harden them against future attacks.

"The Department continues to closely monitor and respond to activity of concern on our unclassified network," Jen Psaki, a State Department spokesperson, said in a statement posted on March 13. "Such activity is something we take very seriously."

Further reading

The ongoing security saga at the State Department highlights that the Internet has become a playground for nation-state spies and hackers. Since the discovery of the Stuxnet attack on the Iran's Natanz nuclear processing facility—an attack attributed to U.S. and Israeli intelligence agencies—dozens of government-backed operations have been discovered.

Espionage networks attributed to a number of nations—including China, France, Israel, North Korea, Iran, Russia, the United Kingdom and the United States—have all been discovered in the past year.

The actual espionage networks have been in operation much longer. There are indications that some of the attacks, such as the recently-revealed Equation Group operation, have been operational since as early as the late-1990s.

While the current wisdom in the security industry is that companies should always assume that they have been breached, the State Department's situation leaves the agency unable to trust its systems, James Bindseil, CEO of collaboration services and security firm Globalscape, told eWEEK.

"Once you have been compromised, every single system is suspect,” he said. "Compromising the State Department's email systems is not the goal; that's just a method of getting in initially. And once they are in, attackers commonly install backdoors to make sure they have access in the future."

The State Department stressed that no classified systems had been breached, but acknowledged that U.S. government institutions have been under increasing attack by hacking groups and foreign adversaries.

"The Department is among a growing list of public institutions and private industries facing an increasing number of sophisticated cyber-threats," Psaki said in the statement. "We are leading a team of dedicated experts from other agencies and the private sector that are working around the clock to protect the Department’s data."

The government needs to take a more measured approach to security, designing in safeguards, rather than bolting them on after that fact, said Globalscape's Bindseil.

"They can't just go in and scrub a bunch of machines over the weekend, because they will be doing this same exact thing in a month," he said.

By submitting your information, you agree that eweek.com may send you eWEEK offers via email, phone and text message, as well as email offers about other products and services that eWEEK believes may be of interest to you. eWEEK will process your information in accordance with the Quinstreet Privacy Policy.

We ran into a problem

We already have your email address on file. Please use the "Forgot your password?" link to create a password, validate your email and login.